package com.io.controller;

import com.io.dto.ApiResult;
import com.io.utils.annotation.DataFilter;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

/**
 * The class/interface
 *
 * @author guodd
 * @version 1.0 use jdk 1.8
 */
@Api(tags = "demo测试")
@RestController
@RequestMapping(value = "/openApi")
public class DemoController {
    @GetMapping(value = "/demo")
    @DataFilter(subDept = true, user = false)
    public ApiResult demo(@RequestParam Map<String, Object> par) {
        return ApiResult.ok();
    }

    @ApiOperation(value = "游客登录", notes = "所有人都可以访问，但是用户与游客看到的内容不同")
    @GetMapping("/article")
    public ApiResult article() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            return ApiResult.ok("您已经登录");
        } else {
            return ApiResult.ok("您是游客");
        }
    }

    @ApiOperation(value = "用户登录", notes = "登入的用户才可以进行访问，即需要携带token")
    @GetMapping("/require_auth")
    @RequiresAuthentication
    public ApiResult requireAuth() {
        return ApiResult.ok("您被认证了");
    }


    @ApiOperation(value = "admin的角色用户才可以登入")
    @GetMapping("/require_role")
    @RequiresRoles("admin")
    public ApiResult requireRole() {
        return ApiResult.ok("You are visiting require_role");
    }

    @ApiOperation(value = "拥有view和edit权限的用户才可以访问")
    @GetMapping("/require_permission")
    @RequiresPermissions(logical = Logical.AND, value = {"view", "edit", "sys:menu:delete"})
    public ApiResult requirePermission() {
        return ApiResult.ok("You are visiting permission require edit,view");
    }
}
